package cn.seaboot.admin.security.web;

import cn.seaboot.admin.security.auth.SecurityAuthorityProvider;
import cn.seaboot.admin.user.bean.User;
import cn.seaboot.admin.user.bean.UserDept;
import cn.seaboot.admin.user.context.UserContext;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.annotation.Resource;
import java.util.Collection;

/**
 * t_sys_security_chain - Controller
 *
 * @author Mr.css on 2018-6-20
 */
@Controller
@RequestMapping("sys/security/")
@Tag(name = "Security权限 管理")
public class SecurityAuthorityCtrl {

    @Resource
    private UserContext userContext;

    @Resource
    private SecurityAuthorityProvider securityAuthorityProvider;

    /**
     * 查列表
     *
     * @return listMap
     */
    @ResponseBody
    @Operation(description = "当前用户已授权角色列表")
    @RequestMapping(value = "granted/roles", method = RequestMethod.GET)
    public Collection<GrantedAuthority> queryList() {
        UserDept dept = userContext.getUserDept();
        return securityAuthorityProvider.queryGrantedRoles(dept);
    }

    /**
     * 查列表
     *
     * @return listMap
     */
    @ResponseBody
    @Operation(description = "当前用户已授权权限列表")
    @RequestMapping(value = "granted/permits", method = RequestMethod.GET)
    public Collection<GrantedAuthority> queryGrantedPermits() {
        UserDept dept = userContext.getUserDept();
        return securityAuthorityProvider.queryGrantedPermits(dept);
    }

    /**
     * 查列表
     *
     * @return listMap
     */
    @ResponseBody
    @Operation(description = "当前用户已授权全部权限列表")
    @RequestMapping(value = "granted/all", method = RequestMethod.GET)
    public Collection<GrantedAuthority> queryGrantedAuthority() {
        User user = userContext.getUser();
        return securityAuthorityProvider.queryGrantedAuthority(user);
    }
}
